Vivek Mohan
Senior Incident Response Specialist
D-102 Sai Sthaan, Plot 4,5,6, Sector 29, Nerul, Navi Mumbai
Summary
A passionate, detail-oriented, and results-driven Information Security Professional with 10 years of relevant experience in the areas of Intrusion detection, Incident Response, Web Application Security Testing, and Malware analysis. Proficient in driving improvements in security programs for multinational companies with a focus on threat mitigation and management.
Overview
13
13
years of professional experience
Work History
Sr Incident Response Specialist
Wabtec Corporation (US)
Bengaluru
06.2022 - 06.2023
- Incident Response, Threat Hunting, WAF Configuration and troubleshooting, configuring and monitoring EDR Tools, SIEM use case development.
Senior Security Operations Engineer
Aera Technology (US)
Pune
05.2020 - 05.2022
- Take lead on threat hunting, indicators of compromise analysis, and incident response.
- Create Web Application Firewall rules to mitigate threats and implement best practices. Perform hands-on Web Application Firewall configuration, policy fine-tuning, and maintenance.
- Integrate and Automate services and operational tasks by consuming APIs to enhance security controls and enforce security policies across the entire organization.
- Implement and operationalize Static code analysis tool.
- Triage old/vulnerable 3rd party libraries, code level defects with Engineering.
Information Security Analyst II
CSG International (US)
Bengaluru
12.2018 - 04.2020
- Respond to and Investigate Cyber Security Incidents.
- Participate in the Organization's Vulnerability Management Program.
- Define and maintain rule sets for File Integrity Monitoring.
Information Security Engineer
ThousandEyes
San Francisco
04.2016 - 08.2018
- Manage the Organization's Application Security Program including third party penetration testing, evaluating static code analysis tools, performing regular scans for application security vulnerabilities, and validating the findings.
- Ensure closure/logical conclusion of detected vulnerabilities in accordance with defined remediation targets through interaction with engineering team.
- Assess information security risks of new projects and non-standard IT requests using risk assessment methodologies based on provided architecture.
- Develop standard operating procedures as a reference for the internal team to assist with operational tasks.
- Deliver presentations to organization employees on Information Security Training and Awareness topics.
- Promptly investigate, and respond to all reported security incidents.
Security Command Center Analyst
eBay Inc.
San Jose
02.2015 - 04.2016
- Monitor and analyze security events. Own and manage tickets through to resolution.
- Perform forensic activities as directed. Analyze a variety of network and host-based security logs to determine the correct remediation actions and escalation paths for each incident.
- Independently follow procedures to contain,analyze, and eradicate malicious activity.
Security Center Ops Sr Analyst
Dell SecureWorks
Lisle
11.2013 - 02.2015
- Analyze and assess security incidents and escalate to client resources or appropriate internal teams for assistance.
- Handle clients' requests and questions in a timely and detail-oriented fashion in order to resolve a multitude of information security related situations.
- Interact with, configure, and troubleshoot network intrusion detection devices and other security systems via proprietary and commercial consoles, both local and remote.
Infrastructure Management Consultant
NetCom Systems Inc.
Norwalk
06.2013 - 10.2013
- Proactively monitor and troubleshoot the company's production network in accordance with standardized SLAs.
Assistant Systems Engineer
Tata Consultancy Services Ltd.
Mumbai
01.2010 - 08.2010
- Analyze Interface control documents, perform unit testing.
Education
Master of Science - Telecommunications Engineering
University of Colorado At Boulder
Boulder, CO 08.2011 - 05.2013
B.E - Electronics And Telecommunications
VESIT, University of Mumbai
Mumbai 08.2005 - 08.2009
Skills
Core Skills: Intrusion Detection, Network Traffic Forensics and Monitoring, Web Application Security, Incident Response, Malware Analysis, Endpoint Analysis, Security hardening, Security engineering, Cloud Technologies, Cloud Security, IDS/IPS, Firewalls, SIEM Tools, EDR, Network Security, Threat Intelligence, Threat Hunting, Vulnerability Management, Security Operations, Identity and Access Management, AWS Security, Azure, Kubernetes Security, Container Security, DevSecOps, SAST, DAST
Protocols, Frameworks and Standards: TLS, SSL, IPSec, TCP/IP, DNS, UDP, DHCP, SMTP, FTP, ARP, RADIUS, TACACS, HTTP, HTTPS, DES, Triple-DES, AES, PGP, SSH, OWASP Top 10, ISO 27001, NIST, PCI-DSS, Cyber Kill Chain, MITRE ATT&CK
Tools: Signal Sciences, Imperva WAF, Veracode, Lacework, CMD, Lookout CASB, Sonarqube, Qualys, Rapid7 InsightVM, Tenable, Burp Suite, OWASP ZAP, RSA Security Analytics, RSA NetWitness, Wireshark, Snort, Suricata, Zeek, tcpdump, Splunk, Crowdstrike Falcon, Carbon Black, SentinelOne, Trend Micro Deep Security, IBM QRadar, Cisco Firepower, MS Security and Compliance, Microsoft Cloud App Security, Keylight GRC, Threat Grid, Proofpoint, Agari, Recorded Future, Digital Shadows
Programming Languages: Python(basic), SQL(basic)
Operating Systems: Linux, Windows(basic), MacOS(basic)
Certifications: GIAC Web Application Penetration Tester (GWAPT), GIAC Certified Intrusion Analyst (GCIA)
Work Availability
monday
tuesday
wednesday
thursday
friday
saturday
sunday
morning
afternoon
evening
swipe to browse
Quote
There is a powerful driving force inside every human being that, once unleashed, can make any vision, dream, or desire a reality.
Tony Robbins
Timeline
Sr Incident Response Specialist
Wabtec Corporation (US)
06.2022 - 06.2023
Senior Security Operations Engineer
Aera Technology (US)
05.2020 - 05.2022
Information Security Analyst II
CSG International (US)
12.2018 - 04.2020
Information Security Engineer
ThousandEyes
04.2016 - 08.2018
Security Command Center Analyst
eBay Inc.
02.2015 - 04.2016
Security Center Ops Sr Analyst
Dell SecureWorks
11.2013 - 02.2015
Infrastructure Management Consultant
NetCom Systems Inc.
06.2013 - 10.2013
Master of Science - Telecommunications Engineering
University of Colorado At Boulder
08.2011 - 05.2013
Assistant Systems Engineer
Tata Consultancy Services Ltd.
01.2010 - 08.2010
B.E - Electronics And Telecommunications
VESIT, University of Mumbai
08.2005 - 08.2009